@matter/protocol 0.15.0-alpha.0-20250613-a55f991d4 → 0.15.0-alpha.0-20250616-4b3754906
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/certificate/AttestationCertificateManager.d.ts +3 -3
- package/dist/cjs/certificate/AttestationCertificateManager.d.ts.map +1 -1
- package/dist/cjs/certificate/AttestationCertificateManager.js +12 -10
- package/dist/cjs/certificate/AttestationCertificateManager.js.map +1 -1
- package/dist/cjs/certificate/CertificateAuthority.d.ts +5 -3
- package/dist/cjs/certificate/CertificateAuthority.d.ts.map +1 -1
- package/dist/cjs/certificate/CertificateAuthority.js +19 -11
- package/dist/cjs/certificate/CertificateAuthority.js.map +1 -1
- package/dist/cjs/certificate/CertificateManager.d.ts +18 -15
- package/dist/cjs/certificate/CertificateManager.d.ts.map +1 -1
- package/dist/cjs/certificate/CertificateManager.js +92 -83
- package/dist/cjs/certificate/CertificateManager.js.map +2 -2
- package/dist/cjs/certificate/CertificationDeclarationManager.d.ts +7 -1
- package/dist/cjs/certificate/CertificationDeclarationManager.d.ts.map +1 -1
- package/dist/cjs/certificate/CertificationDeclarationManager.js +2 -2
- package/dist/cjs/certificate/CertificationDeclarationManager.js.map +1 -1
- package/dist/cjs/certificate/DeviceCertification.d.ts +2 -2
- package/dist/cjs/certificate/DeviceCertification.d.ts.map +1 -1
- package/dist/cjs/certificate/DeviceCertification.js +10 -4
- package/dist/cjs/certificate/DeviceCertification.js.map +1 -1
- package/dist/cjs/common/FailsafeContext.js +1 -1
- package/dist/cjs/common/FailsafeContext.js.map +1 -1
- package/dist/cjs/fabric/Fabric.d.ts +6 -4
- package/dist/cjs/fabric/Fabric.d.ts.map +1 -1
- package/dist/cjs/fabric/Fabric.js +33 -20
- package/dist/cjs/fabric/Fabric.js.map +1 -1
- package/dist/cjs/fabric/FabricAuthority.d.ts +1 -1
- package/dist/cjs/fabric/FabricAuthority.d.ts.map +1 -1
- package/dist/cjs/fabric/FabricAuthority.js +7 -7
- package/dist/cjs/fabric/FabricAuthority.js.map +1 -1
- package/dist/cjs/fabric/FabricManager.d.ts +3 -2
- package/dist/cjs/fabric/FabricManager.d.ts.map +1 -1
- package/dist/cjs/fabric/FabricManager.js +8 -3
- package/dist/cjs/fabric/FabricManager.js.map +1 -1
- package/dist/cjs/fabric/TestFabric.d.ts.map +1 -1
- package/dist/cjs/fabric/TestFabric.js +15 -19
- package/dist/cjs/fabric/TestFabric.js.map +1 -1
- package/dist/cjs/groups/FabricGroups.d.ts.map +1 -1
- package/dist/cjs/groups/FabricGroups.js +11 -7
- package/dist/cjs/groups/FabricGroups.js.map +1 -1
- package/dist/cjs/groups/KeySets.d.ts +2 -2
- package/dist/cjs/groups/KeySets.d.ts.map +1 -1
- package/dist/cjs/groups/KeySets.js +2 -2
- package/dist/cjs/groups/KeySets.js.map +1 -1
- package/dist/cjs/groups/MessagingState.d.ts +2 -2
- package/dist/cjs/groups/MessagingState.d.ts.map +1 -1
- package/dist/cjs/groups/MessagingState.js +4 -2
- package/dist/cjs/groups/MessagingState.js.map +1 -1
- package/dist/cjs/mdns/MdnsBroadcaster.d.ts +3 -3
- package/dist/cjs/mdns/MdnsBroadcaster.d.ts.map +1 -1
- package/dist/cjs/mdns/MdnsBroadcaster.js +7 -4
- package/dist/cjs/mdns/MdnsBroadcaster.js.map +1 -1
- package/dist/cjs/mdns/MdnsService.d.ts.map +1 -1
- package/dist/cjs/mdns/MdnsService.js +2 -1
- package/dist/cjs/mdns/MdnsService.js.map +1 -1
- package/dist/cjs/peer/ControllerCommissioner.js +1 -1
- package/dist/cjs/peer/ControllerCommissioner.js.map +1 -1
- package/dist/cjs/peer/ControllerCommissioningFlow.d.ts +1 -1
- package/dist/cjs/peer/ControllerCommissioningFlow.d.ts.map +1 -1
- package/dist/cjs/peer/ControllerCommissioningFlow.js +3 -4
- package/dist/cjs/peer/ControllerCommissioningFlow.js.map +1 -1
- package/dist/cjs/protocol/DeviceCommissioner.d.ts.map +1 -1
- package/dist/cjs/protocol/DeviceCommissioner.js +1 -1
- package/dist/cjs/protocol/DeviceCommissioner.js.map +1 -1
- package/dist/cjs/protocol/ExchangeManager.d.ts +4 -2
- package/dist/cjs/protocol/ExchangeManager.d.ts.map +1 -1
- package/dist/cjs/protocol/ExchangeManager.js +11 -6
- package/dist/cjs/protocol/ExchangeManager.js.map +1 -1
- package/dist/cjs/protocol/MessageCounter.d.ts +4 -4
- package/dist/cjs/protocol/MessageCounter.d.ts.map +1 -1
- package/dist/cjs/protocol/MessageCounter.js +7 -6
- package/dist/cjs/protocol/MessageCounter.js.map +1 -1
- package/dist/cjs/session/GroupSession.d.ts.map +1 -1
- package/dist/cjs/session/GroupSession.js +7 -2
- package/dist/cjs/session/GroupSession.js.map +1 -1
- package/dist/cjs/session/InsecureSession.d.ts +2 -0
- package/dist/cjs/session/InsecureSession.d.ts.map +1 -1
- package/dist/cjs/session/InsecureSession.js +2 -2
- package/dist/cjs/session/InsecureSession.js.map +1 -1
- package/dist/cjs/session/NodeSession.d.ts +3 -1
- package/dist/cjs/session/NodeSession.d.ts.map +1 -1
- package/dist/cjs/session/NodeSession.js +21 -13
- package/dist/cjs/session/NodeSession.js.map +1 -1
- package/dist/cjs/session/SessionManager.d.ts +1 -0
- package/dist/cjs/session/SessionManager.d.ts.map +1 -1
- package/dist/cjs/session/SessionManager.js +13 -3
- package/dist/cjs/session/SessionManager.js.map +1 -1
- package/dist/cjs/session/case/CaseClient.d.ts.map +1 -1
- package/dist/cjs/session/case/CaseClient.js +16 -15
- package/dist/cjs/session/case/CaseClient.js.map +1 -1
- package/dist/cjs/session/case/CaseServer.d.ts.map +1 -1
- package/dist/cjs/session/case/CaseServer.js +22 -18
- package/dist/cjs/session/case/CaseServer.js.map +1 -1
- package/dist/cjs/session/pase/PaseClient.d.ts +4 -4
- package/dist/cjs/session/pase/PaseClient.d.ts.map +1 -1
- package/dist/cjs/session/pase/PaseClient.js +11 -9
- package/dist/cjs/session/pase/PaseClient.js.map +1 -1
- package/dist/cjs/session/pase/PaseServer.d.ts.map +1 -1
- package/dist/cjs/session/pase/PaseServer.js +6 -5
- package/dist/cjs/session/pase/PaseServer.js.map +1 -1
- package/dist/esm/certificate/AttestationCertificateManager.d.ts +3 -3
- package/dist/esm/certificate/AttestationCertificateManager.d.ts.map +1 -1
- package/dist/esm/certificate/AttestationCertificateManager.js +13 -11
- package/dist/esm/certificate/AttestationCertificateManager.js.map +1 -1
- package/dist/esm/certificate/CertificateAuthority.d.ts +5 -3
- package/dist/esm/certificate/CertificateAuthority.d.ts.map +1 -1
- package/dist/esm/certificate/CertificateAuthority.js +19 -11
- package/dist/esm/certificate/CertificateAuthority.js.map +1 -1
- package/dist/esm/certificate/CertificateManager.d.ts +18 -15
- package/dist/esm/certificate/CertificateManager.d.ts.map +1 -1
- package/dist/esm/certificate/CertificateManager.js +92 -84
- package/dist/esm/certificate/CertificateManager.js.map +2 -2
- package/dist/esm/certificate/CertificationDeclarationManager.d.ts +7 -1
- package/dist/esm/certificate/CertificationDeclarationManager.d.ts.map +1 -1
- package/dist/esm/certificate/CertificationDeclarationManager.js +2 -2
- package/dist/esm/certificate/CertificationDeclarationManager.js.map +1 -1
- package/dist/esm/certificate/DeviceCertification.d.ts +2 -2
- package/dist/esm/certificate/DeviceCertification.d.ts.map +1 -1
- package/dist/esm/certificate/DeviceCertification.js +11 -5
- package/dist/esm/certificate/DeviceCertification.js.map +1 -1
- package/dist/esm/common/FailsafeContext.js +1 -1
- package/dist/esm/common/FailsafeContext.js.map +1 -1
- package/dist/esm/fabric/Fabric.d.ts +6 -4
- package/dist/esm/fabric/Fabric.d.ts.map +1 -1
- package/dist/esm/fabric/Fabric.js +33 -21
- package/dist/esm/fabric/Fabric.js.map +1 -1
- package/dist/esm/fabric/FabricAuthority.d.ts +1 -1
- package/dist/esm/fabric/FabricAuthority.d.ts.map +1 -1
- package/dist/esm/fabric/FabricAuthority.js +8 -15
- package/dist/esm/fabric/FabricAuthority.js.map +1 -1
- package/dist/esm/fabric/FabricManager.d.ts +3 -2
- package/dist/esm/fabric/FabricManager.d.ts.map +1 -1
- package/dist/esm/fabric/FabricManager.js +9 -3
- package/dist/esm/fabric/FabricManager.js.map +1 -1
- package/dist/esm/fabric/TestFabric.d.ts.map +1 -1
- package/dist/esm/fabric/TestFabric.js +16 -20
- package/dist/esm/fabric/TestFabric.js.map +1 -1
- package/dist/esm/groups/FabricGroups.d.ts.map +1 -1
- package/dist/esm/groups/FabricGroups.js +12 -8
- package/dist/esm/groups/FabricGroups.js.map +1 -1
- package/dist/esm/groups/KeySets.d.ts +2 -2
- package/dist/esm/groups/KeySets.d.ts.map +1 -1
- package/dist/esm/groups/KeySets.js +3 -3
- package/dist/esm/groups/KeySets.js.map +1 -1
- package/dist/esm/groups/MessagingState.d.ts +2 -2
- package/dist/esm/groups/MessagingState.d.ts.map +1 -1
- package/dist/esm/groups/MessagingState.js +4 -2
- package/dist/esm/groups/MessagingState.js.map +1 -1
- package/dist/esm/mdns/MdnsBroadcaster.d.ts +3 -3
- package/dist/esm/mdns/MdnsBroadcaster.d.ts.map +1 -1
- package/dist/esm/mdns/MdnsBroadcaster.js +7 -5
- package/dist/esm/mdns/MdnsBroadcaster.js.map +1 -1
- package/dist/esm/mdns/MdnsService.d.ts.map +1 -1
- package/dist/esm/mdns/MdnsService.js +3 -1
- package/dist/esm/mdns/MdnsService.js.map +1 -1
- package/dist/esm/peer/ControllerCommissioner.js +1 -1
- package/dist/esm/peer/ControllerCommissioner.js.map +1 -1
- package/dist/esm/peer/ControllerCommissioningFlow.d.ts +1 -1
- package/dist/esm/peer/ControllerCommissioningFlow.d.ts.map +1 -1
- package/dist/esm/peer/ControllerCommissioningFlow.js +3 -5
- package/dist/esm/peer/ControllerCommissioningFlow.js.map +1 -1
- package/dist/esm/protocol/DeviceCommissioner.d.ts.map +1 -1
- package/dist/esm/protocol/DeviceCommissioner.js +1 -2
- package/dist/esm/protocol/DeviceCommissioner.js.map +1 -1
- package/dist/esm/protocol/ExchangeManager.d.ts +4 -2
- package/dist/esm/protocol/ExchangeManager.d.ts.map +1 -1
- package/dist/esm/protocol/ExchangeManager.js +11 -6
- package/dist/esm/protocol/ExchangeManager.js.map +1 -1
- package/dist/esm/protocol/MessageCounter.d.ts +4 -4
- package/dist/esm/protocol/MessageCounter.d.ts.map +1 -1
- package/dist/esm/protocol/MessageCounter.js +8 -7
- package/dist/esm/protocol/MessageCounter.js.map +1 -1
- package/dist/esm/session/GroupSession.d.ts.map +1 -1
- package/dist/esm/session/GroupSession.js +7 -3
- package/dist/esm/session/GroupSession.js.map +1 -1
- package/dist/esm/session/InsecureSession.d.ts +2 -0
- package/dist/esm/session/InsecureSession.d.ts.map +1 -1
- package/dist/esm/session/InsecureSession.js +2 -2
- package/dist/esm/session/InsecureSession.js.map +1 -1
- package/dist/esm/session/NodeSession.d.ts +3 -1
- package/dist/esm/session/NodeSession.d.ts.map +1 -1
- package/dist/esm/session/NodeSession.js +22 -14
- package/dist/esm/session/NodeSession.js.map +1 -1
- package/dist/esm/session/SessionManager.d.ts +1 -0
- package/dist/esm/session/SessionManager.d.ts.map +1 -1
- package/dist/esm/session/SessionManager.js +13 -4
- package/dist/esm/session/SessionManager.js.map +1 -1
- package/dist/esm/session/case/CaseClient.d.ts.map +1 -1
- package/dist/esm/session/case/CaseClient.js +17 -16
- package/dist/esm/session/case/CaseClient.js.map +1 -1
- package/dist/esm/session/case/CaseServer.d.ts.map +1 -1
- package/dist/esm/session/case/CaseServer.js +23 -19
- package/dist/esm/session/case/CaseServer.js.map +1 -1
- package/dist/esm/session/pase/PaseClient.d.ts +4 -4
- package/dist/esm/session/pase/PaseClient.d.ts.map +1 -1
- package/dist/esm/session/pase/PaseClient.js +12 -10
- package/dist/esm/session/pase/PaseClient.js.map +1 -1
- package/dist/esm/session/pase/PaseServer.d.ts.map +1 -1
- package/dist/esm/session/pase/PaseServer.js +6 -6
- package/dist/esm/session/pase/PaseServer.js.map +1 -1
- package/package.json +6 -6
- package/src/certificate/AttestationCertificateManager.ts +12 -10
- package/src/certificate/CertificateAuthority.ts +20 -11
- package/src/certificate/CertificateManager.ts +77 -72
- package/src/certificate/CertificationDeclarationManager.ts +3 -3
- package/src/certificate/DeviceCertification.ts +10 -4
- package/src/common/FailsafeContext.ts +1 -1
- package/src/fabric/Fabric.ts +36 -20
- package/src/fabric/FabricAuthority.ts +8 -16
- package/src/fabric/FabricManager.ts +10 -3
- package/src/fabric/TestFabric.ts +17 -22
- package/src/groups/FabricGroups.ts +20 -8
- package/src/groups/KeySets.ts +2 -2
- package/src/groups/MessagingState.ts +6 -3
- package/src/mdns/MdnsBroadcaster.ts +11 -4
- package/src/mdns/MdnsService.ts +3 -1
- package/src/peer/ControllerCommissioner.ts +1 -1
- package/src/peer/ControllerCommissioningFlow.ts +4 -6
- package/src/protocol/DeviceCommissioner.ts +1 -2
- package/src/protocol/ExchangeManager.ts +13 -6
- package/src/protocol/MessageCounter.ts +11 -3
- package/src/session/GroupSession.ts +7 -3
- package/src/session/InsecureSession.ts +4 -3
- package/src/session/NodeSession.ts +25 -14
- package/src/session/SessionManager.ts +14 -4
- package/src/session/case/CaseClient.ts +18 -16
- package/src/session/case/CaseServer.ts +22 -17
- package/src/session/pase/PaseClient.ts +11 -9
- package/src/session/pase/PaseServer.ts +6 -5
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
* Copyright 2022-2025 Matter.js Authors
|
|
4
4
|
* SPDX-License-Identifier: Apache-2.0
|
|
5
5
|
*/
|
|
6
|
-
import { Bytes,
|
|
6
|
+
import { Bytes, Logger, PublicKey, UnexpectedDataError } from "#general";
|
|
7
7
|
import { ChannelStatusResponseError } from "#securechannel/index.js";
|
|
8
8
|
import { NodeId, ProtocolStatusCode } from "#types";
|
|
9
9
|
import { TlvIntermediateCertificate, TlvOperationalCertificate } from "../../certificate/CertificateManager.js";
|
|
@@ -39,21 +39,22 @@ class CaseClient {
|
|
|
39
39
|
}
|
|
40
40
|
}
|
|
41
41
|
async #doPair(messenger, exchange, fabric, peerNodeId) {
|
|
42
|
-
const
|
|
42
|
+
const { crypto } = fabric;
|
|
43
|
+
const initiatorRandom = crypto.randomBytes(32);
|
|
43
44
|
const initiatorSessionId = await this.#sessions.getNextAvailableSessionId();
|
|
44
45
|
const { operationalIdentityProtectionKey, operationalCert: localNoc, intermediateCACert: localIcac } = fabric;
|
|
45
|
-
const localKey = await
|
|
46
|
+
const localKey = await crypto.createKeyPair();
|
|
46
47
|
let sigma1Bytes;
|
|
47
48
|
let resumed = false;
|
|
48
49
|
let resumptionRecord = this.#sessions.findResumptionRecordByAddress(fabric.addressOf(peerNodeId));
|
|
49
50
|
if (resumptionRecord !== void 0) {
|
|
50
51
|
const { sharedSecret, resumptionId } = resumptionRecord;
|
|
51
|
-
const resumeKey = await
|
|
52
|
+
const resumeKey = await crypto.createHkdfKey(
|
|
52
53
|
sharedSecret,
|
|
53
54
|
Bytes.concat(initiatorRandom, resumptionId),
|
|
54
55
|
KDFSR1_KEY_INFO
|
|
55
56
|
);
|
|
56
|
-
const initiatorResumeMic =
|
|
57
|
+
const initiatorResumeMic = crypto.encrypt(resumeKey, new Uint8Array(0), RESUME1_MIC_NONCE);
|
|
57
58
|
sigma1Bytes = await messenger.sendSigma1({
|
|
58
59
|
initiatorSessionId,
|
|
59
60
|
destinationId: await fabric.currentDestinationIdFor(peerNodeId, initiatorRandom),
|
|
@@ -88,8 +89,8 @@ class CaseClient {
|
|
|
88
89
|
...resumptionSessionParams ?? {}
|
|
89
90
|
};
|
|
90
91
|
const resumeSalt = Bytes.concat(initiatorRandom, resumptionId);
|
|
91
|
-
const resumeKey = await
|
|
92
|
-
|
|
92
|
+
const resumeKey = await crypto.createHkdfKey(sharedSecret, resumeSalt, KDFSR2_KEY_INFO);
|
|
93
|
+
crypto.decrypt(resumeKey, resumeMic, RESUME2_MIC_NONCE);
|
|
93
94
|
const secureSessionSalt = Bytes.concat(initiatorRandom, resumptionRecord.resumptionId);
|
|
94
95
|
secureSession = await this.#sessions.createSecureSession({
|
|
95
96
|
sessionId: initiatorSessionId,
|
|
@@ -123,15 +124,15 @@ class CaseClient {
|
|
|
123
124
|
...exchange.session.parameters,
|
|
124
125
|
...responderSessionParams ?? {}
|
|
125
126
|
};
|
|
126
|
-
const sharedSecret = await
|
|
127
|
+
const sharedSecret = await crypto.generateDhSecret(localKey, PublicKey(peerKey));
|
|
127
128
|
const sigma2Salt = Bytes.concat(
|
|
128
129
|
operationalIdentityProtectionKey,
|
|
129
130
|
responderRandom,
|
|
130
131
|
peerKey,
|
|
131
|
-
await
|
|
132
|
+
await crypto.computeSha256(sigma1Bytes)
|
|
132
133
|
);
|
|
133
|
-
const sigma2Key = await
|
|
134
|
-
const peerEncryptedData =
|
|
134
|
+
const sigma2Key = await crypto.createHkdfKey(sharedSecret, sigma2Salt, KDFSR2_INFO);
|
|
135
|
+
const peerEncryptedData = crypto.decrypt(sigma2Key, peerEncrypted, TBE_DATA2_NONCE);
|
|
135
136
|
const {
|
|
136
137
|
responderNoc: peerNoc,
|
|
137
138
|
responderIcac: peerIcac,
|
|
@@ -148,7 +149,7 @@ class CaseClient {
|
|
|
148
149
|
ellipticCurvePublicKey: peerPublicKey,
|
|
149
150
|
subject: { fabricId: peerFabricIdNOCert, nodeId: peerNodeIdNOCert }
|
|
150
151
|
} = TlvOperationalCertificate.decode(peerNoc);
|
|
151
|
-
await
|
|
152
|
+
await crypto.verifyEcdsa(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
|
|
152
153
|
if (peerNodeIdNOCert !== peerNodeId) {
|
|
153
154
|
throw new UnexpectedDataError(
|
|
154
155
|
`The node ID in the peer certificate ${peerNodeIdNOCert} doesn't match the expected peer node ID ${peerNodeId}`
|
|
@@ -172,9 +173,9 @@ class CaseClient {
|
|
|
172
173
|
await fabric.verifyCredentials(peerNoc, peerIcac);
|
|
173
174
|
const sigma3Salt = Bytes.concat(
|
|
174
175
|
operationalIdentityProtectionKey,
|
|
175
|
-
await
|
|
176
|
+
await crypto.computeSha256([sigma1Bytes, sigma2Bytes])
|
|
176
177
|
);
|
|
177
|
-
const sigma3Key = await
|
|
178
|
+
const sigma3Key = await crypto.createHkdfKey(sharedSecret, sigma3Salt, KDFSR3_INFO);
|
|
178
179
|
const signatureData = TlvSignedData.encode({
|
|
179
180
|
responderNoc: localNoc,
|
|
180
181
|
responderIcac: localIcac,
|
|
@@ -187,13 +188,13 @@ class CaseClient {
|
|
|
187
188
|
responderIcac: localIcac,
|
|
188
189
|
signature
|
|
189
190
|
});
|
|
190
|
-
const encrypted =
|
|
191
|
+
const encrypted = crypto.encrypt(sigma3Key, encryptedData, TBE_DATA3_NONCE);
|
|
191
192
|
const sigma3Bytes = await messenger.sendSigma3({ encrypted });
|
|
192
193
|
await messenger.waitForSuccess("Sigma3-Success");
|
|
193
194
|
const { caseAuthenticatedTags } = resumptionRecord ?? {};
|
|
194
195
|
const secureSessionSalt = Bytes.concat(
|
|
195
196
|
operationalIdentityProtectionKey,
|
|
196
|
-
await
|
|
197
|
+
await crypto.computeSha256([sigma1Bytes, sigma2Bytes, sigma3Bytes])
|
|
197
198
|
);
|
|
198
199
|
secureSession = await this.#sessions.createSecureSession({
|
|
199
200
|
sessionId: initiatorSessionId,
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/case/CaseClient.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,WAAW,2BAA2B;AAC9D,SAAS,kCAAkC;AAE3C,SAAS,QAAQ,0BAA0B;AAC3C,SAAS,4BAA4B,iCAAiC;AAGtE;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,2BAA2B;AAEpC,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,MAAM,KAAK,UAA2B,QAAgB,YAAoB,0BAAmC;AACzG,UAAM,YAAY,IAAI,oBAAoB,UAAU,wBAAwB;AAE5E,QAAI;AACA,aAAO,MAAM,KAAK,QAAQ,WAAW,UAAU,QAAQ,UAAU;AAAA,IACrE,SAAS,OAAO;AACZ,UAAI,EAAE,iBAAiB,6BAA6B;AAChD,cAAM,UAAU,UAAU,mBAAmB,YAAY;AAAA,MAC7D;AACA,YAAM;AAAA,IACV;AAAA,EACJ;AAAA,EAEA,MAAM,QAAQ,WAAgC,UAA2B,QAAgB,YAAoB;AACzG,UAAM,EAAE,OAAO,IAAI;AAGnB,UAAM,kBAAkB,OAAO,YAAY,EAAE;AAC7C,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,EAAE,kCAAkC,iBAAiB,UAAU,oBAAoB,UAAU,IAAI;AACvG,UAAM,WAAW,MAAM,OAAO,cAAc;AAG5C,QAAI;AACJ,QAAI,UAAU;AACd,QAAI,mBAAmB,KAAK,UAAU,8BAA8B,OAAO,UAAU,UAAU,CAAC;AAChG,QAAI,qBAAqB,QAAW;AAChC,YAAM,EAAE,cAAc,aAAa,IAAI;AACvC,YAAM,YAAY,MAAM,OAAO;AAAA,QAC3B;AAAA,QACA,MAAM,OAAO,iBAAiB,YAAY;AAAA,QAC1C;AAAA,MACJ;AACA,YAAM,qBAAqB,OAAO,QAAQ,WAAW,IAAI,WAAW,CAAC,GAAG,iBAAiB;AACzF,oBAAc,MAAM,UAAU,WAAW;AAAA,QACrC;AAAA,QACA,eAAe,MAAM,OAAO,wBAAwB,YAAY,eAAe;AAAA,QAC/E,wBAAwB,SAAS;AAAA,QACjC;AAAA,QACA;AAAA,QACA;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA,MAC3C,CAAC;AAAA,IACL,OAAO;AACH,oBAAc,MAAM,UAAU,WAAW;AAAA,QACrC;AAAA,QACA,eAAe,MAAM,OAAO,wBAAwB,YAAY,eAAe;AAAA,QAC/E,wBAAwB,SAAS;AAAA,QACjC;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA,MAC3C,CAAC;AAAA,IACL;AAEA,QAAI;AACJ,UAAM,EAAE,aAAa,QAAQ,aAAa,IAAI,MAAM,UAAU,WAAW;AACzE,QAAI,iBAAiB,QAAW;AAE5B,UAAI,qBAAqB,OAAW,OAAM,IAAI,oBAAoB,sCAAsC;AACxG,YAAM;AAAA,QACF;AAAA,QACA,QAAAA;AAAA,QACA,mBAAmB;AAAA,QACnB;AAAA,MACJ,IAAI;AACJ,YAAM,EAAE,oBAAoB,eAAe,cAAc,UAAU,IAAI;AAGvE,YAAM,oBAAoB;AAAA,QACtB,GAAG,SAAS,QAAQ;AAAA,QACpB,GAAI,2BAA2B,CAAC;AAAA,MACpC;AAEA,YAAM,aAAa,MAAM,OAAO,iBAAiB,YAAY;AAC7D,YAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,eAAe;AACtF,aAAO,QAAQ,WAAW,WAAW,iBAAiB;AAEtD,YAAM,oBAAoB,MAAM,OAAO,iBAAiB,iBAAiB,YAAY;AACrF,sBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,QACrD,WAAW;AAAA,QACX,QAAAA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN,aAAa;AAAA,QACb,cAAc;AAAA,QACd,uBAAuB;AAAA,QACvB;AAAA,MACJ,CAAC;AACD,YAAM,UAAU,YAAY;AAC5B,aAAO;AAAA,QACH,wBAAwB,cAAc,EAAE,8BAA8B,UAAU,eAAe,CAAC,eAAe,OAAO,YAAYA,QAAO,MAAM,CAAC,WAAWA,QAAO,WAAW,kBAAkB,OAAO,YAAY,UAAU,CAAC;AAAA,QAC7N,cAAc,qBAAqB;AAAA,MACvC;AAEA,uBAAiB,eAAe;AAChC,uBAAiB,oBAAoB,cAAc;AACnD,gBAAU;AAAA,IACd,OAAO;AAEH,YAAM;AAAA,QACF,wBAAwB;AAAA,QACxB,WAAW;AAAA,QACX;AAAA,QACA,oBAAoB;AAAA,QACpB;AAAA,MACJ,IAAI;AAEJ,YAAM,oBAAoB;AAAA,QACtB,GAAG,SAAS,QAAQ;AAAA,QACpB,GAAI,0BAA0B,CAAC;AAAA,MACnC;AACA,YAAM,eAAe,MAAM,OAAO,iBAAiB,UAAU,UAAU,OAAO,CAAC;AAC/E,YAAM,aAAa,MAAM;AAAA,QACrB;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM,OAAO,cAAc,WAAW;AAAA,MAC1C;AACA,YAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,WAAW;AAClF,YAAM,oBAAoB,OAAO,QAAQ,WAAW,eAAe,eAAe;AAClF,YAAM;AAAA,QACF,cAAc;AAAA,QACd,eAAe;AAAA,QACf,WAAW;AAAA,QACX,cAAc;AAAA,MAClB,IAAI,uBAAuB,OAAO,iBAAiB;AACnD,YAAM,oBAAoB,cAAc,OAAO;AAAA,QAC3C,cAAc;AAAA,QACd,eAAe;AAAA,QACf,oBAAoB;AAAA,QACpB,oBAAoB,SAAS;AAAA,MACjC,CAAC;AACD,YAAM;AAAA,QACF,wBAAwB;AAAA,QACxB,SAAS,EAAE,UAAU,oBAAoB,QAAQ,iBAAiB;AAAA,MACtE,IAAI,0BAA0B,OAAO,OAAO;AAE5C,YAAM,OAAO,YAAY,UAAU,aAAa,GAAG,mBAAmB,aAAa;AAEnF,UAAI,qBAAqB,YAAY;AACjC,cAAM,IAAI;AAAA,UACN,uCAAuC,gBAAgB,4CAA4C,UAAU;AAAA,QACjH;AAAA,MACJ;AACA,UAAI,uBAAuB,OAAO,UAAU;AACxC,cAAM,IAAI;AAAA,UACN,yCAAyC,kBAAkB,yCAAyC,OAAO,QAAQ;AAAA,QACvH;AAAA,MACJ;AACA,UAAI,aAAa,QAAW;AACxB,cAAM;AAAA,UACF,SAAS,EAAE,UAAU,oBAAoB;AAAA,QAC7C,IAAI,2BAA2B,OAAO,QAAQ;AAE9C,YAAI,wBAAwB,UAAa,wBAAwB,OAAO,UAAU;AAC9E,gBAAM,IAAI;AAAA,YACN,yDAAyD,mBAAmB,yCAAyC,OAAO,QAAQ;AAAA,UACxI;AAAA,QACJ;AAAA,MACJ;AACA,YAAM,OAAO,kBAAkB,SAAS,QAAQ;AAGhD,YAAM,aAAa,MAAM;AAAA,QACrB;AAAA,QACA,MAAM,OAAO,cAAc,CAAC,aAAa,WAAW,CAAC;AAAA,MACzD;AACA,YAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,WAAW;AAClF,YAAM,gBAAgB,cAAc,OAAO;AAAA,QACvC,cAAc;AAAA,QACd,eAAe;AAAA,QACf,oBAAoB,SAAS;AAAA,QAC7B,oBAAoB;AAAA,MACxB,CAAC;AACD,YAAM,YAAY,MAAM,OAAO,KAAK,aAAa;AACjD,YAAM,gBAAgB,uBAAuB,OAAO;AAAA,QAChD,cAAc;AAAA,QACd,eAAe;AAAA,QACf;AAAA,MACJ,CAAC;AACD,YAAM,YAAY,OAAO,QAAQ,WAAW,eAAe,eAAe;AAC1E,YAAM,cAAc,MAAM,UAAU,WAAW,EAAE,UAAU,CAAC;AAC5D,YAAM,UAAU,eAAe,gBAAgB;AAG/C,YAAM,EAAE,sBAAsB,IAAI,oBAAoB,CAAC;AACvD,YAAM,oBAAoB,MAAM;AAAA,QAC5B;AAAA,QACA,MAAM,OAAO,cAAc,CAAC,aAAa,aAAa,WAAW,CAAC;AAAA,MACtE;AACA,sBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,QACrD,WAAW;AAAA,QACX;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN,aAAa;AAAA,QACb,cAAc;AAAA,QACd,uBAAuB;AAAA,QACvB;AAAA,MACJ,CAAC;AACD,aAAO;AAAA,QACH,uBAAuB,cAAc,EAAE,kCAAkC,UAAU,eAAe,CAAC,eAAe,OAAO;AAAA,UACrH,OAAO;AAAA,QACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,OAAO,YAAY,UAAU,CAAC;AAAA,QAC9E,cAAc,qBAAqB;AAAA,MACvC;AACA,yBAAmB;AAAA,QACf;AAAA,QACA;AAAA,QACA;AAAA,QACA,cAAc;AAAA,QACd,mBAAmB,cAAc;AAAA,QACjC;AAAA,MACJ;AAAA,IACJ;AAEA,UAAM,UAAU,MAAM;AACtB,UAAM,KAAK,UAAU,qBAAqB,gBAAgB;AAE1D,WAAO,EAAE,SAAS,eAAe,QAAQ;AAAA,EAC7C;AACJ;",
|
|
5
5
|
"names": ["fabric"]
|
|
6
6
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/case/CaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAoB,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG9E,OAAO,EAAE,aAAa,EAAuB,MAAM,+BAA+B,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAoBpE,qBAAa,UAAW,YAAW,eAAe;;IAC9C,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;gBAK3B,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa;IAKtD,aAAa,CAAC,QAAQ,EAAE,eAAe;
|
|
1
|
+
{"version":3,"file":"CaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/case/CaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAoB,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG9E,OAAO,EAAE,aAAa,EAAuB,MAAM,+BAA+B,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAoBpE,qBAAa,UAAW,YAAW,eAAe;;IAC9C,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;gBAK3B,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa;IAKtD,aAAa,CAAC,QAAQ,EAAE,eAAe;IA8PvC,KAAK;CAGd"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
* Copyright 2022-2025 Matter.js Authors
|
|
4
4
|
* SPDX-License-Identifier: Apache-2.0
|
|
5
5
|
*/
|
|
6
|
-
import { Bytes,
|
|
6
|
+
import { Bytes, CryptoDecryptError, Logger, PublicKey, UnexpectedDataError } from "#general";
|
|
7
7
|
import { NodeId, ProtocolStatusCode, SECURE_CHANNEL_PROTOCOL_ID } from "#types";
|
|
8
8
|
import { TlvOperationalCertificate } from "../../certificate/CertificateManager.js";
|
|
9
9
|
import { FabricNotFoundError } from "../../fabric/FabricManager.js";
|
|
@@ -51,7 +51,7 @@ class CaseServer {
|
|
|
51
51
|
logger.info(`Received pairing request from ${messenger.getChannelName()}`);
|
|
52
52
|
const { sigma1Bytes, sigma1 } = await messenger.readSigma1();
|
|
53
53
|
const resumptionRecord = sigma1.resumptionId !== void 0 && sigma1.initiatorResumeMic !== void 0 ? this.#sessions.findResumptionRecordById(sigma1.resumptionId) : void 0;
|
|
54
|
-
const context = new Sigma1Context(messenger, sigma1Bytes, sigma1, resumptionRecord);
|
|
54
|
+
const context = new Sigma1Context(this.#fabrics.crypto, messenger, sigma1Bytes, sigma1, resumptionRecord);
|
|
55
55
|
if (await this.#resume(context)) {
|
|
56
56
|
return;
|
|
57
57
|
}
|
|
@@ -70,13 +70,14 @@ class CaseServer {
|
|
|
70
70
|
return false;
|
|
71
71
|
}
|
|
72
72
|
const { sharedSecret, fabric, peerNodeId, caseAuthenticatedTags } = cx.resumptionRecord;
|
|
73
|
-
const
|
|
73
|
+
const { crypto } = this.#fabrics;
|
|
74
|
+
const peerResumeKey = await crypto.createHkdfKey(
|
|
74
75
|
sharedSecret,
|
|
75
76
|
Bytes.concat(cx.peerRandom, cx.peerResumptionId),
|
|
76
77
|
KDFSR1_KEY_INFO
|
|
77
78
|
);
|
|
78
79
|
try {
|
|
79
|
-
|
|
80
|
+
crypto.decrypt(peerResumeKey, cx.peerResumeMic, RESUME1_MIC_NONCE);
|
|
80
81
|
} catch (e) {
|
|
81
82
|
CryptoDecryptError.accept(e);
|
|
82
83
|
cx.peerResumptionId = cx.peerResumeMic = void 0;
|
|
@@ -97,8 +98,8 @@ class CaseServer {
|
|
|
97
98
|
caseAuthenticatedTags
|
|
98
99
|
});
|
|
99
100
|
const resumeSalt = Bytes.concat(cx.peerRandom, cx.localResumptionId);
|
|
100
|
-
const resumeKey = await
|
|
101
|
-
const resumeMic =
|
|
101
|
+
const resumeKey = await crypto.createHkdfKey(sharedSecret, resumeSalt, KDFSR2_KEY_INFO);
|
|
102
|
+
const resumeMic = crypto.encrypt(resumeKey, new Uint8Array(0), RESUME2_MIC_NONCE);
|
|
102
103
|
try {
|
|
103
104
|
await cx.messenger.sendSigma2Resume({
|
|
104
105
|
resumptionId: cx.localResumptionId,
|
|
@@ -132,19 +133,20 @@ class CaseServer {
|
|
|
132
133
|
) {
|
|
133
134
|
return false;
|
|
134
135
|
}
|
|
135
|
-
const
|
|
136
|
+
const { crypto } = this.#fabrics;
|
|
137
|
+
const responderRandom = crypto.randomBytes(32);
|
|
136
138
|
const fabric = await this.#fabrics.findFabricFromDestinationId(cx.destinationId, cx.peerRandom);
|
|
137
139
|
const { operationalCert: nodeOpCert, intermediateCACert, operationalIdentityProtectionKey } = fabric;
|
|
138
|
-
const key = await
|
|
140
|
+
const key = await crypto.createKeyPair();
|
|
139
141
|
const responderEcdhPublicKey = key.publicBits;
|
|
140
|
-
const sharedSecret = await
|
|
142
|
+
const sharedSecret = await crypto.generateDhSecret(key, PublicKey(cx.peerEcdhPublicKey));
|
|
141
143
|
const sigma2Salt = Bytes.concat(
|
|
142
144
|
operationalIdentityProtectionKey,
|
|
143
145
|
responderRandom,
|
|
144
146
|
responderEcdhPublicKey,
|
|
145
|
-
await
|
|
147
|
+
await crypto.computeSha256(cx.bytes)
|
|
146
148
|
);
|
|
147
|
-
const sigma2Key = await
|
|
149
|
+
const sigma2Key = await crypto.createHkdfKey(sharedSecret, sigma2Salt, KDFSR2_INFO);
|
|
148
150
|
const signatureData = TlvSignedData.encode({
|
|
149
151
|
responderNoc: nodeOpCert,
|
|
150
152
|
responderIcac: intermediateCACert,
|
|
@@ -158,7 +160,7 @@ class CaseServer {
|
|
|
158
160
|
signature,
|
|
159
161
|
resumptionId: cx.localResumptionId
|
|
160
162
|
});
|
|
161
|
-
const encrypted =
|
|
163
|
+
const encrypted = crypto.encrypt(sigma2Key, encryptedData, TBE_DATA2_NONCE);
|
|
162
164
|
const responderSessionId = await this.#sessions.getNextAvailableSessionId();
|
|
163
165
|
const sigma2Bytes = await cx.messenger.sendSigma2({
|
|
164
166
|
responderRandom,
|
|
@@ -174,10 +176,10 @@ class CaseServer {
|
|
|
174
176
|
} = await cx.messenger.readSigma3();
|
|
175
177
|
const sigma3Salt = Bytes.concat(
|
|
176
178
|
operationalIdentityProtectionKey,
|
|
177
|
-
await
|
|
179
|
+
await crypto.computeSha256([cx.bytes, sigma2Bytes])
|
|
178
180
|
);
|
|
179
|
-
const sigma3Key = await
|
|
180
|
-
const peerDecryptedData =
|
|
181
|
+
const sigma3Key = await crypto.createHkdfKey(sharedSecret, sigma3Salt, KDFSR3_INFO);
|
|
182
|
+
const peerDecryptedData = crypto.decrypt(sigma3Key, peerEncrypted, TBE_DATA3_NONCE);
|
|
181
183
|
const {
|
|
182
184
|
responderNoc: peerNewOpCert,
|
|
183
185
|
responderIcac: peerIntermediateCACert,
|
|
@@ -197,10 +199,10 @@ class CaseServer {
|
|
|
197
199
|
if (fabric.fabricId !== peerFabricId) {
|
|
198
200
|
throw new UnexpectedDataError(`Fabric ID mismatch: ${fabric.fabricId} !== ${peerFabricId}`);
|
|
199
201
|
}
|
|
200
|
-
await
|
|
202
|
+
await crypto.verifyEcdsa(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
|
|
201
203
|
const secureSessionSalt = Bytes.concat(
|
|
202
204
|
operationalIdentityProtectionKey,
|
|
203
|
-
await
|
|
205
|
+
await crypto.computeSha256([cx.bytes, sigma2Bytes, sigma3Bytes])
|
|
204
206
|
);
|
|
205
207
|
const secureSession = await this.#sessions.createSecureSession({
|
|
206
208
|
sessionId: responderSessionId,
|
|
@@ -238,6 +240,7 @@ class CaseServer {
|
|
|
238
240
|
}
|
|
239
241
|
}
|
|
240
242
|
class Sigma1Context {
|
|
243
|
+
crypto;
|
|
241
244
|
messenger;
|
|
242
245
|
bytes;
|
|
243
246
|
peerSessionId;
|
|
@@ -249,7 +252,8 @@ class Sigma1Context {
|
|
|
249
252
|
peerSessionParams;
|
|
250
253
|
resumptionRecord;
|
|
251
254
|
#localResumptionId;
|
|
252
|
-
constructor(messenger, bytes, sigma1, resumptionRecord) {
|
|
255
|
+
constructor(crypto, messenger, bytes, sigma1, resumptionRecord) {
|
|
256
|
+
this.crypto = crypto;
|
|
253
257
|
this.messenger = messenger;
|
|
254
258
|
this.bytes = bytes;
|
|
255
259
|
this.peerSessionId = sigma1.initiatorSessionId;
|
|
@@ -262,7 +266,7 @@ class Sigma1Context {
|
|
|
262
266
|
this.resumptionRecord = resumptionRecord;
|
|
263
267
|
}
|
|
264
268
|
get localResumptionId() {
|
|
265
|
-
return this.#localResumptionId ??=
|
|
269
|
+
return this.#localResumptionId ??= this.crypto.randomBytes(16);
|
|
266
270
|
}
|
|
267
271
|
}
|
|
268
272
|
export {
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/case/CaseServer.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAe,oBAAoB,QAAQ,WAAW,2BAA2B;AAG1F,SAAS,QAAQ,oBAAoB,kCAAkD;AACvF,SAAS,iCAAiC;AAC1C,SAAwB,2BAA2B;AAGnD,SAAS,kCAAkC;AAC3C;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,2BAA2B;AAEpC,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAsC;AAAA,EACtC,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA;AAAA,EAEA,YAAY,UAA0B,SAAwB;AAC1D,SAAK,YAAY;AACjB,SAAK,WAAW;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,QAAI;AACA,YAAM,KAAK,cAAc,SAAS;AAAA,IACtC,SAAS,OAAO;AACZ,aAAO,MAAM,8CAA8C,KAAK;AAEhE,UAAI,iBAAiB,qBAAqB;AACtC,cAAM,UAAU,UAAU,mBAAmB,kBAAkB;AAAA,MACnE,WAES,EAAE,iBAAiB,6BAA6B;AACrD,cAAM,UAAU,UAAU,mBAAmB,YAAY;AAAA,MAC7D;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAM,cAAc,WAAgC;AAChD,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,EAAE;AAGzE,UAAM,EAAE,aAAa,OAAO,IAAI,MAAM,UAAU,WAAW;AAC3D,UAAM,mBACF,OAAO,iBAAiB,UAAa,OAAO,uBAAuB,SAC7D,KAAK,UAAU,yBAAyB,OAAO,YAAY,IAC3D;AAEV,UAAM,UAAU,IAAI,cAAc,KAAK,SAAS,QAAQ,WAAW,aAAa,QAAQ,gBAAgB;AAGxG,QAAI,MAAM,KAAK,QAAQ,OAAO,GAAG;AAC7B;AAAA,IACJ;AAGA,QAAI,MAAM,KAAK,gBAAgB,OAAO,GAAG;AACrC;AAAA,IACJ;AAEA,WAAO;AAAA,MACH,qDAAqD,UAAU,eAAe,CAAC;AAAA,MAC/E,QAAQ;AAAA,MACR,QAAQ;AAAA,IACZ;AAEA,UAAM,IAAI,oBAAoB,sCAAsC;AAAA,EACxE;AAAA,EAEA,MAAM,QAAQ,IAAmB;AAC7B,QAAI,GAAG,qBAAqB,UAAa,GAAG,kBAAkB,UAAa,GAAG,qBAAqB,QAAW;AAC1G,aAAO;AAAA,IACX;AAEA,UAAM,EAAE,cAAc,QAAQ,YAAY,sBAAsB,IAAI,GAAG;AACvE,UAAM,EAAE,OAAO,IAAI,KAAK;AACxB,UAAM,gBAAgB,MAAM,OAAO;AAAA,MAC/B;AAAA,MACA,MAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AAAA,MAC/C;AAAA,IACJ;AAEA,QAAI;AACA,aAAO,QAAQ,eAAe,GAAG,eAAe,iBAAiB;AAAA,IACrE,SAAS,GAAG;AACR,yBAAmB,OAAO,CAAC;AAG3B,SAAG,mBAAmB,GAAG,gBAAgB;AAEzC,aAAO;AAAA,IACX;AAGA,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,oBAAoB,MAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AACzE,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX;AAAA,MACA;AAAA,MACA,eAAe,GAAG;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB,GAAG;AAAA,MAC1B;AAAA,IACJ,CAAC;AAGD,UAAM,aAAa,MAAM,OAAO,GAAG,YAAY,GAAG,iBAAiB;AACnE,UAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,eAAe;AACtF,UAAM,YAAY,OAAO,QAAQ,WAAW,IAAI,WAAW,CAAC,GAAG,iBAAiB;AAChF,QAAI;AACA,YAAM,GAAG,UAAU,iBAAiB;AAAA,QAChC,cAAc,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA;AAAA,MAC3C,CAAC;AAAA,IACL,SAAS,OAAO;AAEZ,YAAM,cAAc,QAAQ,KAAK;AACjC,YAAM;AAAA,IACV;AAEA,WAAO;AAAA,MACH,WAAW,cAAc,EAAE,iBAAiB,GAAG,UAAU,eAAe,CAAC,eAAe,OAAO;AAAA,QAC3F,OAAO;AAAA,MACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,OAAO,YAAY,UAAU,CAAC;AAAA,MAC9E;AAAA,MACA;AAAA,IACJ;AACA,OAAG,iBAAiB,eAAe,GAAG;AAGtC,UAAM,GAAG,UAAU,eAAe,sBAAsB;AAExD,UAAM,GAAG,UAAU,MAAM;AACzB,UAAM,KAAK,UAAU,qBAAqB,GAAG,gBAAgB;AAE7D,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,gBAAgB,IAAmB;AACrC;AAAA;AAAA,MAEI,EAAE,GAAG,qBAAqB,UAAa,GAAG,kBAAkB;AAAA,MAE5D,EAAE,GAAG,qBAAqB,UAAa,GAAG,kBAAkB,UAAa,GAAG,qBAAqB;AAAA,MACnG;AACE,aAAO;AAAA,IACX;AAGA,UAAM,EAAE,OAAO,IAAI,KAAK;AACxB,UAAM,kBAAkB,OAAO,YAAY,EAAE;AAG7C,UAAM,SAAS,MAAM,KAAK,SAAS,4BAA4B,GAAG,eAAe,GAAG,UAAU;AAC9F,UAAM,EAAE,iBAAiB,YAAY,oBAAoB,iCAAiC,IAAI;AAC9F,UAAM,MAAM,MAAM,OAAO,cAAc;AACvC,UAAM,yBAAyB,IAAI;AACnC,UAAM,eAAe,MAAM,OAAO,iBAAiB,KAAK,UAAU,GAAG,iBAAiB,CAAC;AAEvF,UAAM,aAAa,MAAM;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,OAAO,cAAc,GAAG,KAAK;AAAA,IACvC;AACA,UAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,WAAW;AAClF,UAAM,gBAAgB,cAAc,OAAO;AAAA,MACvC,cAAc;AAAA,MACd,eAAe;AAAA,MACf,oBAAoB;AAAA,MACpB,oBAAoB,GAAG;AAAA,IAC3B,CAAC;AACD,UAAM,YAAY,MAAM,OAAO,KAAK,aAAa;AACjD,UAAM,gBAAgB,uBAAuB,OAAO;AAAA,MAChD,cAAc;AAAA,MACd,eAAe;AAAA,MACf;AAAA,MACA,cAAc,GAAG;AAAA,IACrB,CAAC;AACD,UAAM,YAAY,OAAO,QAAQ,WAAW,eAAe,eAAe;AAC1E,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,cAAc,MAAM,GAAG,UAAU,WAAW;AAAA,MAC9C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,wBAAwB,KAAK,UAAU;AAAA;AAAA,IAC3C,CAAC;AAGD,UAAM;AAAA,MACF;AAAA,MACA,QAAQ,EAAE,WAAW,cAAc;AAAA,IACvC,IAAI,MAAM,GAAG,UAAU,WAAW;AAClC,UAAM,aAAa,MAAM;AAAA,MACrB;AAAA,MACA,MAAM,OAAO,cAAc,CAAC,GAAG,OAAO,WAAW,CAAC;AAAA,IACtD;AACA,UAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,WAAW;AAClF,UAAM,oBAAoB,OAAO,QAAQ,WAAW,eAAe,eAAe;AAClF,UAAM;AAAA,MACF,cAAc;AAAA,MACd,eAAe;AAAA,MACf,WAAW;AAAA,IACf,IAAI,uBAAuB,OAAO,iBAAiB;AAEnD,UAAM,OAAO,kBAAkB,eAAe,sBAAsB;AAEpE,UAAM,oBAAoB,cAAc,OAAO;AAAA,MAC3C,cAAc;AAAA,MACd,eAAe;AAAA,MACf,oBAAoB,GAAG;AAAA,MACvB,oBAAoB;AAAA,IACxB,CAAC;AACD,UAAM;AAAA,MACF,wBAAwB;AAAA,MACxB,SAAS,EAAE,UAAU,cAAc,QAAQ,YAAY,sBAAsB;AAAA,IACjF,IAAI,0BAA0B,OAAO,aAAa;AAElD,QAAI,OAAO,aAAa,cAAc;AAClC,YAAM,IAAI,oBAAoB,uBAAuB,OAAO,QAAQ,QAAQ,YAAY,EAAE;AAAA,IAC9F;AAEA,UAAM,OAAO,YAAY,UAAU,aAAa,GAAG,mBAAmB,aAAa;AAGnF,UAAM,oBAAoB,MAAM;AAAA,MAC5B;AAAA,MACA,MAAM,OAAO,cAAc,CAAC,GAAG,OAAO,aAAa,WAAW,CAAC;AAAA,IACnE;AACA,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX;AAAA,MACA;AAAA,MACA,eAAe,GAAG;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB,GAAG;AAAA,MAC1B;AAAA,IACJ,CAAC;AACD,WAAO;AAAA,MACH,WAAW,cAAc,EAAE,iBAAiB,GAAG,UAAU,eAAe,CAAC,eAAe,OAAO;AAAA,QAC3F,OAAO;AAAA,MACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,OAAO,YAAY,UAAU,CAAC;AAAA,MAC9E;AAAA,MACA;AAAA,IACJ;AACA,UAAM,GAAG,UAAU,YAAY;AAE/B,UAAM,mBAAmB;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA,cAAc,GAAG;AAAA,MACjB,mBAAmB,cAAc;AAAA,MACjC;AAAA,IACJ;AAEA,UAAM,GAAG,UAAU,MAAM;AACzB,UAAM,KAAK,UAAU,qBAAqB,gBAAgB;AAE1D,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,QAAQ;AAAA,EAEd;AACJ;AAEA,MAAM,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EAEA,YACI,QACA,WACA,OACA,QACA,kBACF;AACE,SAAK,SAAS;AACd,SAAK,YAAY;AACjB,SAAK,QAAQ;AACb,SAAK,gBAAgB,OAAO;AAC5B,SAAK,mBAAmB,OAAO;AAC/B,SAAK,gBAAgB,OAAO;AAC5B,SAAK,gBAAgB,OAAO;AAC5B,SAAK,aAAa,OAAO;AACzB,SAAK,oBAAoB,OAAO;AAChC,SAAK,oBAAoB,OAAO;AAChC,SAAK,mBAAmB;AAAA,EAC5B;AAAA,EAEA,IAAI,oBAAoB;AACpB,WAAQ,KAAK,uBAAuB,KAAK,OAAO,YAAY,EAAE;AAAA,EAClE;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -3,16 +3,16 @@
|
|
|
3
3
|
* Copyright 2022-2025 Matter.js Authors
|
|
4
4
|
* SPDX-License-Identifier: Apache-2.0
|
|
5
5
|
*/
|
|
6
|
-
import { PbkdfParameters } from "#general";
|
|
6
|
+
import { Crypto, PbkdfParameters } from "#general";
|
|
7
7
|
import { SessionManager } from "#session/SessionManager.js";
|
|
8
8
|
import { MessageExchange } from "../../protocol/MessageExchange.js";
|
|
9
9
|
import { SessionParameters } from "../Session.js";
|
|
10
10
|
export declare class PaseClient {
|
|
11
11
|
#private;
|
|
12
12
|
constructor(sessions: SessionManager);
|
|
13
|
-
static generatePakePasscodeVerifier(setupPinCode: number, pbkdfParameters: PbkdfParameters): Promise<Uint8Array<ArrayBufferLike>>;
|
|
14
|
-
static generateRandomPasscode(): number;
|
|
15
|
-
static generateRandomDiscriminator(): number;
|
|
13
|
+
static generatePakePasscodeVerifier(crypto: Crypto, setupPinCode: number, pbkdfParameters: PbkdfParameters): Promise<Uint8Array<ArrayBufferLike>>;
|
|
14
|
+
static generateRandomPasscode(crypto: Crypto): number;
|
|
15
|
+
static generateRandomDiscriminator(crypto: Crypto): number;
|
|
16
16
|
pair(sessionParameters: SessionParameters, exchange: MessageExchange, setupPin: number): Promise<import("../NodeSession.js").NodeSession>;
|
|
17
17
|
}
|
|
18
18
|
//# sourceMappingURL=PaseClient.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PaseClient.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseClient.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,
|
|
1
|
+
{"version":3,"file":"PaseClient.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseClient.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAS,MAAM,EAAc,eAAe,EAAgC,MAAM,UAAU,CAAC;AACpG,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAOlD,qBAAa,UAAU;;gBAGP,QAAQ,EAAE,cAAc;WAIvB,4BAA4B,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKhH,MAAM,CAAC,sBAAsB,CAAC,MAAM,EAAE,MAAM;IAS5C,MAAM,CAAC,2BAA2B,CAAC,MAAM,EAAE,MAAM;IAI3C,IAAI,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM;CA+E/F"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
* Copyright 2022-2025 Matter.js Authors
|
|
4
4
|
* SPDX-License-Identifier: Apache-2.0
|
|
5
5
|
*/
|
|
6
|
-
import { Bytes,
|
|
6
|
+
import { Bytes, ec, Logger, Spake2p, UnexpectedDataError } from "#general";
|
|
7
7
|
import { CommissioningOptions, NodeId, ProtocolStatusCode } from "#types";
|
|
8
8
|
import { DEFAULT_PASSCODE_ID, PaseClientMessenger, SPAKE_CONTEXT } from "./PaseMessenger.js";
|
|
9
9
|
const { numberToBytesBE } = ec;
|
|
@@ -13,24 +13,25 @@ class PaseClient {
|
|
|
13
13
|
constructor(sessions) {
|
|
14
14
|
this.#sessions = sessions;
|
|
15
15
|
}
|
|
16
|
-
static async generatePakePasscodeVerifier(setupPinCode, pbkdfParameters) {
|
|
17
|
-
const { w0, L } = await Spake2p.computeW0L(pbkdfParameters, setupPinCode);
|
|
16
|
+
static async generatePakePasscodeVerifier(crypto, setupPinCode, pbkdfParameters) {
|
|
17
|
+
const { w0, L } = await Spake2p.computeW0L(crypto, pbkdfParameters, setupPinCode);
|
|
18
18
|
return Bytes.concat(numberToBytesBE(w0, 32), L);
|
|
19
19
|
}
|
|
20
|
-
static generateRandomPasscode() {
|
|
20
|
+
static generateRandomPasscode(crypto) {
|
|
21
21
|
let passcode;
|
|
22
|
-
passcode =
|
|
22
|
+
passcode = crypto.randomUint32 % 99999998 + 1;
|
|
23
23
|
if (CommissioningOptions.FORBIDDEN_PASSCODES.includes(passcode)) {
|
|
24
24
|
passcode += 1;
|
|
25
25
|
}
|
|
26
26
|
return passcode;
|
|
27
27
|
}
|
|
28
|
-
static generateRandomDiscriminator() {
|
|
29
|
-
return
|
|
28
|
+
static generateRandomDiscriminator(crypto) {
|
|
29
|
+
return crypto.randomUint16 % 4096;
|
|
30
30
|
}
|
|
31
31
|
async pair(sessionParameters, exchange, setupPin) {
|
|
32
32
|
const messenger = new PaseClientMessenger(exchange);
|
|
33
|
-
const
|
|
33
|
+
const { crypto } = this.#sessions;
|
|
34
|
+
const initiatorRandom = crypto.randomBytes(32);
|
|
34
35
|
const initiatorSessionId = await this.#sessions.getNextAvailableSessionId();
|
|
35
36
|
const tcpSupported = sessionParameters.supportedTransports?.tcpClient || sessionParameters.supportedTransports?.tcpServer || false;
|
|
36
37
|
const requestPayload = await messenger.sendPbkdfParamRequest({
|
|
@@ -57,9 +58,10 @@ class PaseClient {
|
|
|
57
58
|
...exchange.session.parameters,
|
|
58
59
|
...responderSessionParams ?? {}
|
|
59
60
|
};
|
|
60
|
-
const { w0, w1 } = await Spake2p.computeW0W1(pbkdfParameters, setupPin);
|
|
61
|
+
const { w0, w1 } = await Spake2p.computeW0W1(crypto, pbkdfParameters, setupPin);
|
|
61
62
|
const spake2p = Spake2p.create(
|
|
62
|
-
|
|
63
|
+
crypto,
|
|
64
|
+
await crypto.computeSha256([SPAKE_CONTEXT, requestPayload, responsePayload]),
|
|
63
65
|
w0
|
|
64
66
|
);
|
|
65
67
|
const X = spake2p.computeX();
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/pase/PaseClient.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAe,IAAI,QAAyB,SAAS,2BAA2B;AAEzF,SAAS,sBAAsB,QAAQ,0BAA0B;AAGjE,SAAS,qBAAqB,qBAAqB,qBAAqB;AAExE,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,aAAa,6BAA6B,QAAgB,cAAsB,iBAAkC;AAC9G,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,QAAQ,WAAW,QAAQ,iBAAiB,YAAY;AAChF,WAAO,MAAM,OAAO,gBAAgB,IAAI,EAAE,GAAG,CAAC;AAAA,EAClD;AAAA,EAEA,OAAO,uBAAuB,QAAgB;AAC1C,QAAI;AACJ,eAAY,OAAO,eAAe,WAAY;AAC9C,QAAI,qBAAqB,oBAAoB,SAAS,QAAQ,GAAG;AAC7D,kBAAY;AAAA,IAChB;AACA,WAAO;AAAA,EACX;AAAA,EAEA,OAAO,4BAA4B,QAAgB;AAC/C,WAAO,OAAO,eAAe;AAAA,EACjC;AAAA,EAEA,MAAM,KAAK,mBAAsC,UAA2B,UAAkB;AAC1F,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,UAAM,EAAE,OAAO,IAAI,KAAK;AACxB,UAAM,kBAAkB,OAAO,YAAY,EAAE;AAC7C,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAG1E,UAAM,eACF,kBAAkB,qBAAqB,aACvC,kBAAkB,qBAAqB,aACvC;AACJ,UAAM,iBAAiB,MAAM,UAAU,sBAAsB;AAAA,MACzD;AAAA,MACA;AAAA,MACA,YAAY;AAAA,MACZ,oBAAoB;AAAA,MACpB,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,kBAAkB,oBAAoB;AAAA,MAC5E;AAAA,IACJ,CAAC;AACD,UAAM;AAAA,MACF;AAAA,MACA,UAAU,EAAE,iBAAiB,oBAAoB,uBAAuB;AAAA,IAC5E,IAAI,MAAM,UAAU,uBAAuB;AAC3C,QAAI,oBAAoB,QAAW;AAG/B,YAAM,UAAU,UAAU,mBAAmB,YAAY;AACzD,YAAM,IAAI,oBAAoB,0EAA0E;AAAA,IAC5G;AAGA,wBAAoB;AAAA,MAChB,GAAG,SAAS,QAAQ;AAAA,MACpB,GAAI,0BAA0B,CAAC;AAAA,IACnC;AAGA,UAAM,EAAE,IAAI,GAAG,IAAI,MAAM,QAAQ,YAAY,QAAQ,iBAAiB,QAAQ;AAC9E,UAAM,UAAU,QAAQ;AAAA,MACpB;AAAA,MACA,MAAM,OAAO,cAAc,CAAC,eAAe,gBAAgB,eAAe,CAAC;AAAA,MAC3E;AAAA,IACJ;AACA,UAAM,IAAI,QAAQ,SAAS;AAC3B,UAAM,UAAU,cAAc,EAAE,GAAG,EAAE,CAAC;AAGtC,UAAM,EAAE,GAAG,GAAG,SAAS,IAAI,MAAM,UAAU,cAAc;AACzD,UAAM,EAAE,IAAI,KAAK,IAAI,IAAI,MAAM,QAAQ,+BAA+B,IAAI,GAAG,CAAC;AAC9E,QAAI,CAAC,MAAM,SAAS,UAAU,GAAG,GAAG;AAChC,YAAM,UAAU,UAAU,mBAAmB,YAAY;AACzD,YAAM,IAAI;AAAA,QACN;AAAA,MACJ;AAAA,IACJ;AACA,UAAM,UAAU,cAAc,EAAE,UAAU,IAAI,CAAC;AAG/C,UAAM,UAAU,eAAe,mBAAmB;AAClD,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,YAAY,OAAO;AAAA,MACnB,eAAe;AAAA,MACf,cAAc;AAAA,MACd,MAAM,IAAI,WAAW,CAAC;AAAA,MACtB,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB;AAAA,IAC3B,CAAC;AACD,UAAM,UAAU,MAAM;AACtB,WAAO,KAAK,yCAAyC,UAAU,eAAe,CAAC,GAAG;AAElF,WAAO;AAAA,EACX;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAKH,eAAe,EACf,eAAe,EAKlB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAEpE,OAAO,EAAuB,mBAAmB,EAAiB,MAAM,oBAAoB,CAAC;AAS7F,qBAAa,oCAAqC,SAAQ,eAAe;CAAG;AAE5E,qBAAa,UAAW,YAAW,eAAe;;IAuB1C,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClB,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC;IAzBrC,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;WAK1B,OAAO,CAAC,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKrG,MAAM,CAAC,qBAAqB,CACxB,QAAQ,EAAE,cAAc,EACxB,iBAAiB,EAAE,UAAU,EAC7B,eAAe,CAAC,EAAE,eAAe;gBAQzB,QAAQ,EAAE,cAAc,EACf,EAAE,EAAE,MAAM,EACV,CAAC,EAAE,UAAU,EACb,eAAe,CAAC,EAAE,eAAe,YAAA;IAGhD,aAAa,CAAC,QAAQ,EAAE,eAAe;YAuC/B,oBAAoB;
|
|
1
|
+
{"version":3,"file":"PaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAKH,eAAe,EACf,eAAe,EAKlB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAEpE,OAAO,EAAuB,mBAAmB,EAAiB,MAAM,oBAAoB,CAAC;AAS7F,qBAAa,oCAAqC,SAAQ,eAAe;CAAG;AAE5E,qBAAa,UAAW,YAAW,eAAe;;IAuB1C,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClB,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC;IAzBrC,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;WAK1B,OAAO,CAAC,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKrG,MAAM,CAAC,qBAAqB,CACxB,QAAQ,EAAE,cAAc,EACxB,iBAAiB,EAAE,UAAU,EAC7B,eAAe,CAAC,EAAE,eAAe;gBAQzB,QAAQ,EAAE,cAAc,EACf,EAAE,EAAE,MAAM,EACV,CAAC,EAAE,UAAU,EACb,eAAe,CAAC,EAAE,eAAe,YAAA;IAGhD,aAAa,CAAC,QAAQ,EAAE,eAAe;YAuC/B,oBAAoB;IAiF5B,aAAa,CAAC,SAAS,EAAE,mBAAmB,EAAE,SAAS,UAAO;IAU9D,KAAK;CAGd"}
|
|
@@ -5,7 +5,6 @@
|
|
|
5
5
|
*/
|
|
6
6
|
import {
|
|
7
7
|
Bytes,
|
|
8
|
-
Crypto,
|
|
9
8
|
ec,
|
|
10
9
|
Logger,
|
|
11
10
|
MatterFlowError,
|
|
@@ -34,7 +33,7 @@ class PaseServer {
|
|
|
34
33
|
#pairingTimer;
|
|
35
34
|
#pairingErrors = 0;
|
|
36
35
|
static async fromPin(sessions, setupPinCode, pbkdfParameters) {
|
|
37
|
-
const { w0, L } = await Spake2p.computeW0L(pbkdfParameters, setupPinCode);
|
|
36
|
+
const { w0, L } = await Spake2p.computeW0L(sessions.crypto, pbkdfParameters, setupPinCode);
|
|
38
37
|
return new PaseServer(sessions, w0, L, pbkdfParameters);
|
|
39
38
|
}
|
|
40
39
|
static fromVerificationValue(sessions, verificationValue, pbkdfParameters) {
|
|
@@ -52,7 +51,7 @@ class PaseServer {
|
|
|
52
51
|
"Pase server: Pairing already in progress (PASE establishment Timer running), ignoring new exchange."
|
|
53
52
|
);
|
|
54
53
|
} else {
|
|
55
|
-
await this.handlePairingRequest(messenger);
|
|
54
|
+
await this.handlePairingRequest(this.sessions.crypto, messenger);
|
|
56
55
|
}
|
|
57
56
|
} catch (error) {
|
|
58
57
|
this.#pairingErrors++;
|
|
@@ -71,7 +70,7 @@ class PaseServer {
|
|
|
71
70
|
await exchange.session.destroy();
|
|
72
71
|
}
|
|
73
72
|
}
|
|
74
|
-
async handlePairingRequest(messenger) {
|
|
73
|
+
async handlePairingRequest(crypto, messenger) {
|
|
75
74
|
logger.info(`Received pairing request from ${messenger.getChannelName()}.`);
|
|
76
75
|
this.#pairingTimer = Time.getTimer(
|
|
77
76
|
"PASE pairing timeout",
|
|
@@ -92,7 +91,7 @@ class PaseServer {
|
|
|
92
91
|
throw new UnexpectedDataError(`Unsupported passcode ID ${passcodeId}.`);
|
|
93
92
|
}
|
|
94
93
|
const responderSessionId = await this.sessions.getNextAvailableSessionId();
|
|
95
|
-
const responderRandom =
|
|
94
|
+
const responderRandom = crypto.randomBytes(32);
|
|
96
95
|
const responderSessionParams = this.sessions.sessionParameters;
|
|
97
96
|
const tcpSupported = responderSessionParams.supportedTransports?.tcpClient || responderSessionParams.supportedTransports?.tcpServer || false;
|
|
98
97
|
const responsePayload = await messenger.sendPbkdfParamResponse({
|
|
@@ -108,7 +107,8 @@ class PaseServer {
|
|
|
108
107
|
}
|
|
109
108
|
});
|
|
110
109
|
const spake2p = Spake2p.create(
|
|
111
|
-
|
|
110
|
+
crypto,
|
|
111
|
+
await crypto.computeSha256([SPAKE_CONTEXT, requestPayload, responsePayload]),
|
|
112
112
|
this.w0
|
|
113
113
|
);
|
|
114
114
|
const { x: X } = await messenger.readPasePake1();
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/pase/PaseServer.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EAEA;AAAA,OACG;AAEP,SAAS,QAAQ,oBAAoB,kCAAkC;AAGvE,SAAS,kCAAkC;AAC3C,SAAS,qBAAqB,qBAAqB,qBAAqB;AAExE,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,OAAO,IAAI,YAAY;AAEtC,MAAM,0BAA0B;AAChC,MAAM,gCAAgC;AAE/B,MAAM,6CAA6C,gBAAgB;AAAC;AAEpE,MAAM,WAAsC;AAAA,EAsB/C,YACY,UACS,IACA,GACA,iBACnB;AAJU;AACS;AACA;AACA;AAAA,EAClB;AAAA,EA1BM,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA,iBAAiB;AAAA,EAEjB,aAAa,QAAQ,UAA0B,cAAsB,iBAAkC;AACnG,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,QAAQ,WAAW,SAAS,QAAQ,iBAAiB,YAAY;AACzF,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EAEA,OAAO,sBACH,UACA,mBACA,iBACF;AACE,UAAM,KAAK,gBAAgB,kBAAkB,MAAM,GAAG,EAAE,CAAC;AACzD,UAAM,IAAI,kBAAkB,MAAM,IAAI,KAAK,EAAE;AAC7C,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EASA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,QAAI;AAKA,UAAI,KAAK,SAAS,eAAe,GAAG;AAChC,eAAO,KAAK,wFAAwF;AAAA,MACxG,WAAW,KAAK,eAAe,WAAW;AACtC,eAAO;AAAA,UACH;AAAA,QACJ;AAAA,MACJ,OAAO;AAEH,cAAM,KAAK,qBAAqB,KAAK,SAAS,QAAQ,SAAS;AAAA,MACnE;AAAA,IACJ,SAAS,OAAO;AACZ,WAAK;AACL,aAAO;AAAA,QACH,oDAAoD,KAAK,cAAc,IAAI,6BAA6B;AAAA,QACxG;AAAA,MACJ;AAGA,YAAM,YAAY,EAAE,iBAAiB;AACrC,YAAM,KAAK,cAAc,WAAW,SAAS;AAE7C,UAAI,KAAK,kBAAkB,+BAA+B;AACtD,cAAM,IAAI;AAAA,UACN;AAAA,QACJ;AAAA,MACJ;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAc,qBAAqB,QAAgB,WAAgC;AAC/E,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,GAAG;AAE1E,SAAK,gBAAgB,KAAK;AAAA,MAAS;AAAA,MAAwB;AAAA,MAAyB,MAChF,KAAK,cAAc,SAAS;AAAA,IAChC,EAAE,MAAM;AAGR,UAAM;AAAA,MACF;AAAA,MACA,SAAS;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,oBAAoB;AAAA,MACxB;AAAA,IACJ,IAAI,MAAM,UAAU,sBAAsB;AAC1C,QAAI,eAAe,qBAAqB;AACpC,YAAM,IAAI,oBAAoB,2BAA2B,UAAU,GAAG;AAAA,IAC1E;AAEA,UAAM,qBAAqB,MAAM,KAAK,SAAS,0BAA0B;AACzE,UAAM,kBAAkB,OAAO,YAAY,EAAE;AAE7C,UAAM,yBAAyB,KAAK,SAAS;AAC7C,UAAM,eACF,uBAAuB,qBAAqB,aAC5C,uBAAuB,qBAAqB,aAC5C;AACJ,UAAM,kBAAkB,MAAM,UAAU,uBAAuB;AAAA,MAC3D;AAAA,MACA;AAAA,MACA;AAAA,MACA,iBAAiB,qBAAqB,SAAY,KAAK;AAAA,MACvD,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,uBAAuB,oBAAoB;AAAA,MACjF;AAAA,IACJ,CAAC;AAGD,UAAM,UAAU,QAAQ;AAAA,MACpB;AAAA,MACA,MAAM,OAAO,cAAc,CAAC,eAAe,gBAAgB,eAAe,CAAC;AAAA,MAC3E,KAAK;AAAA,IACT;AACA,UAAM,EAAE,GAAG,EAAE,IAAI,MAAM,UAAU,cAAc;AAC/C,UAAM,IAAI,QAAQ,SAAS;AAC3B,UAAM,EAAE,IAAI,KAAK,IAAI,IAAI,MAAM,QAAQ,+BAA+B,KAAK,GAAG,GAAG,CAAC;AAClF,UAAM,UAAU,cAAc,EAAE,GAAG,GAAG,UAAU,IAAI,CAAC;AAGrD,UAAM,EAAE,SAAS,IAAI,MAAM,UAAU,cAAc;AACnD,QAAI,CAAC,MAAM,SAAS,UAAU,GAAG,GAAG;AAChC,YAAM,IAAI,oBAAoB,yDAAyD;AAAA,IAC3F;AAGA,UAAM,KAAK,SAAS,oBAAoB;AAAA,MACpC,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,YAAY,OAAO;AAAA,MACnB;AAAA,MACA,cAAc;AAAA,MACd,MAAM,IAAI,WAAW,CAAC;AAAA,MACtB,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB;AAAA,IAC3B,CAAC;AACD,WAAO,KAAK,WAAW,kBAAkB,iBAAiB,UAAU,eAAe,CAAC,GAAG;AAEvF,UAAM,UAAU,YAAY;AAC5B,UAAM,UAAU,MAAM;AAEtB,SAAK,eAAe,KAAK;AACzB,SAAK,gBAAgB;AAAA,EACzB;AAAA,EAEA,MAAM,cAAc,WAAgC,YAAY,MAAM;AAClE,SAAK,eAAe,KAAK;AACzB,SAAK,gBAAgB;AAErB,QAAI,WAAW;AACX,YAAM,UAAU,UAAU,mBAAmB,YAAY;AAAA,IAC7D;AACA,UAAM,UAAU,MAAM;AAAA,EAC1B;AAAA,EAEA,MAAM,QAAQ;AAAA,EAEd;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@matter/protocol",
|
|
3
|
-
"version": "0.15.0-alpha.0-
|
|
3
|
+
"version": "0.15.0-alpha.0-20250616-4b3754906",
|
|
4
4
|
"description": "Low-level APIs for Matter interaction",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"iot",
|
|
@@ -40,13 +40,13 @@
|
|
|
40
40
|
"#*": "./src/*"
|
|
41
41
|
},
|
|
42
42
|
"dependencies": {
|
|
43
|
-
"@matter/general": "0.15.0-alpha.0-
|
|
44
|
-
"@matter/model": "0.15.0-alpha.0-
|
|
45
|
-
"@matter/types": "0.15.0-alpha.0-
|
|
43
|
+
"@matter/general": "0.15.0-alpha.0-20250616-4b3754906",
|
|
44
|
+
"@matter/model": "0.15.0-alpha.0-20250616-4b3754906",
|
|
45
|
+
"@matter/types": "0.15.0-alpha.0-20250616-4b3754906"
|
|
46
46
|
},
|
|
47
47
|
"devDependencies": {
|
|
48
|
-
"@matter/tools": "0.15.0-alpha.0-
|
|
49
|
-
"@matter/testing": "0.15.0-alpha.0-
|
|
48
|
+
"@matter/tools": "0.15.0-alpha.0-20250616-4b3754906",
|
|
49
|
+
"@matter/testing": "0.15.0-alpha.0-20250616-4b3754906"
|
|
50
50
|
},
|
|
51
51
|
"files": [
|
|
52
52
|
"dist/**/*",
|
|
@@ -36,6 +36,7 @@ export class AttestationCertificateManager {
|
|
|
36
36
|
readonly #paaKeyPair = PrivateKey(TestCert_PAA_NoVID_PrivateKey, {
|
|
37
37
|
publicKey: TestCert_PAA_NoVID_PublicKey,
|
|
38
38
|
});
|
|
39
|
+
readonly #certs: CertificateManager;
|
|
39
40
|
readonly #vendorId: VendorId;
|
|
40
41
|
readonly #paiKeyPair: PrivateKey;
|
|
41
42
|
readonly #paiKeyIdentifier: Uint8Array;
|
|
@@ -44,17 +45,18 @@ export class AttestationCertificateManager {
|
|
|
44
45
|
readonly #paiCertBytes;
|
|
45
46
|
#nextCertificateId = 2;
|
|
46
47
|
|
|
47
|
-
constructor(vendorId: VendorId, paiKeyPair: PrivateKey, paiKeyIdentifier: Uint8Array) {
|
|
48
|
+
constructor(crypto: Crypto, vendorId: VendorId, paiKeyPair: PrivateKey, paiKeyIdentifier: Uint8Array) {
|
|
49
|
+
this.#certs = new CertificateManager(crypto);
|
|
48
50
|
this.#vendorId = vendorId;
|
|
49
51
|
this.#paiKeyPair = paiKeyPair;
|
|
50
52
|
this.#paiKeyIdentifier = paiKeyIdentifier;
|
|
51
53
|
this.#paiCertBytes = this.generatePAICert(vendorId);
|
|
52
54
|
}
|
|
53
55
|
|
|
54
|
-
static async create(vendorId: VendorId) {
|
|
55
|
-
const key = await
|
|
56
|
-
const identifier = await
|
|
57
|
-
return new AttestationCertificateManager(vendorId, key, identifier.slice(0, 20));
|
|
56
|
+
static async create(crypto: Crypto, vendorId: VendorId) {
|
|
57
|
+
const key = await crypto.createKeyPair();
|
|
58
|
+
const identifier = await crypto.computeSha256(key.publicKey);
|
|
59
|
+
return new AttestationCertificateManager(crypto, vendorId, key, identifier.slice(0, 20));
|
|
58
60
|
}
|
|
59
61
|
|
|
60
62
|
getPAICert() {
|
|
@@ -62,7 +64,7 @@ export class AttestationCertificateManager {
|
|
|
62
64
|
}
|
|
63
65
|
|
|
64
66
|
async getDACert(productId: number) {
|
|
65
|
-
const dacKeyPair = await
|
|
67
|
+
const dacKeyPair = await this.#certs.crypto.createKeyPair();
|
|
66
68
|
return {
|
|
67
69
|
keyPair: dacKeyPair,
|
|
68
70
|
dac: await this.generateDaCert(dacKeyPair.publicKey, this.#vendorId, productId),
|
|
@@ -103,7 +105,7 @@ export class AttestationCertificateManager {
|
|
|
103
105
|
authorityKeyIdentifier: this.#paaKeyIdentifier,
|
|
104
106
|
},
|
|
105
107
|
};
|
|
106
|
-
return
|
|
108
|
+
return this.#certs.productAttestationAuthorityCertToAsn1(unsignedCertificate, this.#paaKeyPair);
|
|
107
109
|
}
|
|
108
110
|
|
|
109
111
|
private generatePAICert(vendorId: VendorId, productId?: number) {
|
|
@@ -137,7 +139,7 @@ export class AttestationCertificateManager {
|
|
|
137
139
|
authorityKeyIdentifier: this.#paaKeyIdentifier,
|
|
138
140
|
},
|
|
139
141
|
};
|
|
140
|
-
return
|
|
142
|
+
return this.#certs.productAttestationIntermediateCertToAsn1(unsignedCertificate, this.#paaKeyPair);
|
|
141
143
|
}
|
|
142
144
|
|
|
143
145
|
async generateDaCert(publicKey: Uint8Array, vendorId: VendorId, productId: number) {
|
|
@@ -167,10 +169,10 @@ export class AttestationCertificateManager {
|
|
|
167
169
|
keyUsage: {
|
|
168
170
|
digitalSignature: true,
|
|
169
171
|
},
|
|
170
|
-
subjectKeyIdentifier: (await
|
|
172
|
+
subjectKeyIdentifier: (await this.#certs.crypto.computeSha256(publicKey)).slice(0, 20),
|
|
171
173
|
authorityKeyIdentifier: this.#paiKeyIdentifier,
|
|
172
174
|
},
|
|
173
175
|
};
|
|
174
|
-
return
|
|
176
|
+
return this.#certs.deviceAttestationCertToAsn1(unsignedCertificate, this.#paiKeyPair);
|
|
175
177
|
}
|
|
176
178
|
}
|